Online data thieves will jump at the chance to harvest even the most innocuous personal information.
ROSEMARY HATTERSLEY demonstrates how to tighten up Facebook security Facebook friends or foes? Whether you're a committed telly addict, a tabloid aficionado or a web surfer extraordinaire, we're sure you can't help but notice that every couple of days seems to bring another security scare. Scare stories make for good headlines, of course, but some affect you more than others. Such is the case with privacy - something we're increasingly expected to manage for ourselves. There are plenty of straightforward ways to claw back some peace of mind. As we outlined in our in-depth look at the latest online security threats ( bit.ly/bXLTpW), the little bits of information with which we furnish web apps can be collectively turned against us. A good example is the Facebook app that asks what single topped the charts the day you were born. I don't mind admitting that my answer to this is one of those dated comedy tracks. But I'm not about to amuse Facebook's entire London network (several million-strong and counting) with its details, particularly when doing so narrows down my date of birth to a seven-day period. How many guesses does a hacker need to correctly ascertain and make use of my date of birth (DOB) on an official form, such as applying for a credit card? Not many, given those odds. Changes to Facebook's interface now promote the idea of searching, Friends Reunited-style, for old acquaintances based on school years. Again, you're semi-publicly drilling down into the detail and then proudly displaying the results. If you and five of your friends all went to the same school, it takes only one person to list their DOB for a snoop to reasonably deduce that you were all in the same school year. Don't even get me started on the dangers of posting your full address, phone numbers and myriad other details that only true friends should be privy to. And it's no better if you have a blog and post the information there. Web crawlers will happily serve it all up on a platter to anyone who knows how to use a search engine skilfully. It's great to share; it's even better to check first who you're sharing it with. PLUG FACEBOOK INFORMATION LEAKS START Click Account at the top right and choose Account Settings from the drop-down menu. From here, you can swap your existing password for a stronger alphanumeric one. It's also a good idea to remove your maiden or middle names if you included them at registration. 2 Click the Networks tab to check you're happy with the sharing settings for any network you may have joined. You're no longer required to join a network, however, so you may prefer to remove yourself from it altogether. Also consider unlinking your Twitter and MySpace accounts, your personal blog and so on. 3 The Privacy Settings are equally important; they're also under the Account menu. Facebook has tightened up some of its defaults, but it's wise to check what you're sharing with whom. In particular, don't let third parties use your profile picture in their advertising, which may fool some of your less tech-savvy friends. 4 If you log into Facebook with a mobile phone number, have signed up for Facebook texts or listed your number at sign-up, be aware that your phone number will be available for all your 'friends' to see (plus networks such as Foursquare). If you don't want them to call you or send you text spam, alter your settings on the Mobile tab. 5 Hackers often seek out a weak link, such as someone who appears to accept friends willy-nilly. Having been accepted, they try to become friends with that person's friends, who assume the newcomer must be kosher. Go to Accounts, Edit friends for a list from which you can purge anyone you don't actively know. 6 You'd be surprised what you can learn about people based on their answers to Facebook's quizzes. Most apps request permission to post your answers to the Live Feed and to your Wall but, even if you ignore such requests, commenting on someone else's results could reveal more than you intended to. PASSWORDS AND FILE LOCKERS Two of the most straightforward changes you can make to your everyday security setup involve using a password generator to protect your logins, and a file-encryption tool to scramble your emails and documents so they can't be intercepted between you and the recipient. One of the best-known password utilities is KeePass Password Safe ( keepass.info), which enables you to easily keep track of all your logins and usernames without resorting to the simple but highly insecure practice of using a single password for all sites. Instead, this free, open-source password generator uses an encrypted database to do the heavy thinking for you. A similar approach is offered by PGP ( pgp.com) which is short for 'pretty good privacy'. This security stalwart makes it easy for you to perform everyday tasks without compromising your files. Use it when you need to send an important document or a message that you don't want others to be able to read. A key is sent along with it that only the intended recipient can decode. LOCK DOWN YOUR DATA START Thousands of laptops are lost or stolen each year. Lock yours down to prevent data being siphoned off it without your knowledge. USB flash drives and other portable media also pose a significant risk. Password-protect and encrypt the drive, and use a biometric fingerprint reader for access. 2 Vista and Windows 7 Enterprise and Ultimate users can make use of BitLocker and BitLocker To Go. BitLocker encrypts internal drives, while BitLocker To Go protects external storage. You'll need the BitLocker Drive Preparation Tool to ensure your volumes are properly configured first ( tinyurl.com/yhlfsbx). 3 Once your drive is properly partitioned, you can encrypt it. Click on BitLocker Drive Encryption in the Control Panel. The console will display the available drives and indicate whether BitLocker is currently protecting them. Note that the display separates the internal and external drives. 4 Click 'Turn On BitLocker' next to any unencrypted drive to begin the encryption process. Choose a password or opt to insert your smartcard for authentication. BitLocker then offers an opportunity for you to save the BitLocker Recovery Key - a failsafe for a forgotten password. Tony Bradley LOCK UP PORTABLE HARD DISKS Windows Vista is able to protect internal drives and volumes, but it cn't encrypt data on removable drives. Windows 7 addresses that glaring lack of functionality with BitLocker to Go. While you're able to continue working as BitLocker runs in the background, removing a drive during the initial encryption process can destroy the data stored on it. If you absolutely must do so, use the Pause button to halt the process first. Using BitLocker to Go, you can protect data on USB flash drives and other removable media. If you need to share sensitive information with other people, you can give them the encrypted data on the USB drive and give them a password to unlock the contents. You can also require a smartcard to unlock the data for additional protection, and deliver the two separately. BitLocker to Go gives administrators the ability to control how removable media can be used, as well as to enforce policies for protecting data on removable drives. They can make unprotected removable storage read-only, and require that the system applies BitLocker encryption to any removable storage before users can save data to it. How to use BitLocker without a TPM ( bit.ly/dvG68c). Technical telepathy: 09969636745 Saints are not always saints; sinners are not always sinners. Voice your thoughts in the blog to discuss the Rights of persons with disability bill at: http://www.accessindia.org.in/harish/blog.htm To unsubscribe send a message to [email protected] with the subject unsubscribe. To change your subscription to digest mode or make any other changes, please visit the list home page at http://accessindia.org.in/mailman/listinfo/accessindia_accessindia.org.in
